• Nightmare on direct marketing street
    By
    Elizabeth de Stadler
      The long awaited POPI regulations are here. They don't say much, but what they do say spells disaster for direct marketers. And you know us, we are not alarmist. Section 69 of POPI provides that if you want to send electronic direct marketing to a person to whom you have...
    Read More
  • Hot off the press: POPI Regulations out for comment
    By
    Elizabeth de Stadler
    The draft POPI regulations have just come out for comment. We will be digesting them over the weekend and will let you know what is what on Monday on our blog. Weekend reading. Yay. If you think you should start worrying about POPI now, go and visit our POPI page. We...
    Read More
  • Does complying with the security requirement in POPI make you WannaCry?
    By
    Paul Esselaar
    I often get asked what ‘appropriate security’ is for a particular business. Although this is a really important question, it is equally important that you ask the right person. The best way to think about this is to consider how the conversation would go in a court of law. Judge:...
    Read More
  • How a POPI project can mitigate the risks of a ransomware attack
    By
    Ilze Luttig Hattingh
    The recent WannaCry attack was one of the first highly publicised attacks in which ransomware was weaponized and used against numerous companies at once. It has caused many businesses to wake up to the reality of cyber extortionists. Ransomwhat? Ransomware refers to a type of malware that encrypts or otherwise restricts...
    Read More
  • Processing child information: It doesn't get more personal than that...
    By
    Elizabeth de Stadler
    Before we talk about the challenges of processing the personal information of minors, let’s take a step back. It feels like POPI has been in this kind of legislative limbo for years. Oh wait, it has been years. There seems to be some movement lately. Since Adv Pansy Tlakula...
    Read More
  • POPI or PawPaw? Who cares.
    By
    Elizabeth de Stadler
    So, the Information Regulator and the Department of Justice has asked everyone to stop calling the Protection of Personal Information Act 'POPI', but 'POPIA'. Of course, it only took about 5 seconds for the loons in my office to start calling it 'PAPAYA'. So no more 'no, POPI is not...
    Read More
  • Information Regulator says no...effective date this year
    By
    Elizabeth de Stadler
    So, the Information Regulator had a press conference today (13 February 2017). We were waiting with bated breath to hear what the effective date was going to be. Alas (or mercifully, depending on your perspective), it seems that the Information Regulator will only be making a recommendation to the...
    Read More
  • Direct email marketing around the world (well, almost)
    By
    Ilze Luttig Hattingh
    Looking for new clients? Don’t we all. Why not expand your client base to the US, Europe or India? Before you send out that gorgeous email campaign, let’s check the rules around marketing to people in those countries. Here is a quick summary of the rules about consent, opting in...
    Read More
  • Rethinking privacy policies
    By
    Elizabeth de Stadler
    These days, I find it very difficult to see the point of overly legalistic privacy policies normally hidden behind a tiny link at the bottom of a webpage. Apart from the fact that I am on a permanent plain language mission, my obsession with privacy policies is also fuelled by...
    Read More
  • What happens if you don't comply with POPI?
    By
    Paul Esselaar
    Earlier this year Elizabeth wrote a useful article entitled ‘5 Reasons why POPI Compliance Matters’. While Elizabeth’s article addressed why POPI compliance matters, this article focusses on what happens if you don’t have POPI compliance. If you are a compliance officer, these are the sticks you can use to get the...
    Read More